Default to binding to loopback address

Binds to the address returned by `InetAddress.getLoopbackAddress()`.

Closes #11300

docs/reference/migration/migrate_2_0.asciidoc

@@ -4,6 +4,11 @@
 This section discusses the changes that you need to be aware of when migrating
 your application to Elasticsearch 2.0.
 
+=== Networking
+
+Elasticsearch now binds to the loopback interface by default (usually 127.0.0.1
+or ::1), the setting `network.host` can be specified to change this behavior.
+
 === Indices API
 
 The <<alias-retrieving, get alias api>> will, by default produce an error response
@@ -641,4 +646,4 @@ The following breaks in backwards compatability have been made on indices with t
 created on or after clusters with version 2.0:
 * The `type` option on the `_parent` field can only point to a parent type that doesn't exist yet,
   so this means that an existing type/mapping can no longer become a parent type.
-* The `has_child` and `has_parent` queries can no longer be use in alias filters.
+* The `has_child` and `has_parent` queries can no longer be use in alias filters.

docs/reference/modules/network.asciidoc

@@ -8,15 +8,14 @@ configuration, for example, the
 network settings allows to set common settings that will be shared among
 all network based modules (unless explicitly overridden in each module).
 
-The `network.bind_host` setting allows to control the host different
-network components will bind on. By default, the bind host will be
-`anyLocalAddress` (typically `0.0.0.0` or `::0`).
-
-The `network.publish_host` setting allows to control the host the node
-will publish itself within the cluster so other nodes will be able to
-connect to it. Of course, this can't be the `anyLocalAddress`, and by
-default, it will be the first non loopback address (if possible), or the
-local address.
+The `network.bind_host` setting allows to control the host different network
+components will bind on. By default, the bind host will be `anyLoopbackAddress`
+(typically `127.0.0.1` or `::1`).
+
+The `network.publish_host` setting allows to control the host the node will
+publish itself within the cluster so other nodes will be able to connect to it.
+Of course, this can't be the `anyLocalAddress`, and by default, it will be the
+first loopback address (if possible), or the local address.
 
 The `network.host` setting is a simple setting to automatically set both
 `network.bind_host` and `network.publish_host` to the same host value.

src/main/java/org/elasticsearch/common/network/MulticastChannel.java

@@ -61,13 +61,16 @@ public abstract class MulticastChannel implements Closeable {
         public final int bufferSize;
         public final int ttl;
         public final InetAddress multicastInterface;
+        public final boolean deferToInterface;
 
-        public Config(int port, String group, int bufferSize, int ttl, InetAddress multicastInterface) {
+        public Config(int port, String group, int bufferSize, int ttl,
+                      InetAddress multicastInterface, boolean deferToInterface) {
             this.port = port;
             this.group = group;
             this.bufferSize = bufferSize;
             this.ttl = ttl;
             this.multicastInterface = multicastInterface;
+            this.deferToInterface = deferToInterface;
         }
 
         @Override
@@ -281,12 +284,23 @@ public abstract class MulticastChannel implements Closeable {
         }
 
         private MulticastSocket buildMulticastSocket(Config config) throws Exception {
+            SocketAddress addr = new InetSocketAddress(InetAddress.getByName(config.group), config.port);
             MulticastSocket multicastSocket = new MulticastSocket(config.port);
             try {
                 multicastSocket.setTimeToLive(config.ttl);
-                // set the send interface
-                multicastSocket.setInterface(config.multicastInterface);
-                multicastSocket.joinGroup(InetAddress.getByName(config.group));
+                // OSX is not smart enough to tell that a socket bound to the
+                // 'lo0' interface needs to make sure to send the UDP packet
+                // out of the lo0 interface, so we need to do some special
+                // workarounds to fix it.
+                if (config.deferToInterface) {
+                    // 'null' here tells the socket to deter to the interface set
+                    // with .setInterface
+                    multicastSocket.joinGroup(addr, null);
+                    multicastSocket.setInterface(config.multicastInterface);
+                } else {
+                    multicastSocket.setInterface(config.multicastInterface);
+                    multicastSocket.joinGroup(InetAddress.getByName(config.group));
+                }
                 multicastSocket.setReceiveBufferSize(config.bufferSize);
                 multicastSocket.setSendBufferSize(config.bufferSize);
                 multicastSocket.setSoTimeout(60000);

src/main/java/org/elasticsearch/common/network/NetworkService.java

@@ -96,7 +96,7 @@ public class NetworkService extends AbstractComponent {
 
 
     public InetAddress resolveBindHostAddress(String bindHost) throws IOException {
-        return resolveBindHostAddress(bindHost, null);
+        return resolveBindHostAddress(bindHost, InetAddress.getLoopbackAddress().getHostAddress());
     }
 
     public InetAddress resolveBindHostAddress(String bindHost, String defaultValue2) throws IOException {
@@ -104,7 +104,8 @@ public class NetworkService extends AbstractComponent {
     }
 
     public InetAddress resolvePublishHostAddress(String publishHost) throws IOException {
-        InetAddress address = resolvePublishHostAddress(publishHost, null);
+        InetAddress address = resolvePublishHostAddress(publishHost,
+                InetAddress.getLoopbackAddress().getHostAddress());
         // verify that its not a local address
         if (address == null || address.isAnyLocalAddress()) {
             address = NetworkUtils.getFirstNonLoopbackAddress(NetworkUtils.StackType.IPv4);

src/main/java/org/elasticsearch/discovery/zen/ping/multicast/MulticastZenPing.java

@@ -126,8 +126,12 @@ public class MulticastZenPing extends AbstractLifecycleComponent<ZenPing> implem
             // we know OSX has bugs in the JVM when creating multiple instances of multicast sockets
             // causing for "socket close" exceptions when receive and/or crashes
             boolean shared = settings.getAsBoolean("discovery.zen.ping.multicast.shared", Constants.MAC_OS_X);
+            // OSX does not correctly send multicasts FROM the right interface
+            boolean deferToInterface = settings.getAsBoolean("discovery.zen.ping.multicast.defer_group_to_set_interface", Constants.MAC_OS_X);
             multicastChannel = MulticastChannel.getChannel(nodeName(), shared,
-                    new MulticastChannel.Config(port, group, bufferSize, ttl, networkService.resolvePublishHostAddress(address)),
+                    new MulticastChannel.Config(port, group, bufferSize, ttl,
+                            networkService.resolvePublishHostAddress(address),
+                            deferToInterface),
                     new Receiver());
         } catch (Throwable t) {
             String msg = "multicast failed to start [{}], disabling. Consider using IPv4 only (by defining env. variable `ES_USE_IPV4`)";